SlideShare a Scribd company logo

10940 img sytr12_mobile_malware

SytelReplyUK
SytelReplyUK
Technology
1 of 4
MOBILE MALWARE This report details the current status of Malware for mobile devices, their security risks, the possible future evolution of Mobile Malware and Future Mitigation Options. INTRODUCTION With the penetration of Smartphones now reaching record highs in the UK, at just under 50% owning a Smartphone (1); it comes to no surprise that the risk of malware on mobile devices is also increasing. With the introduction of the iPad and other tablet computers which are built upon the same firmware as Smartphones; malware can be easily written to infect both devices, giving further support for malicious code writers to focus their sights on mobile devices. CURRENT EXAMPLES OF MOBILE MALWARE Below are examples of real threats to user equipment on various platforms which exist today. The vast majority of malware discovered works on the android platform as it is possible to install unchecked 3rd party applications, unlike the Apple IOS platform. However it is still possible to install unregistered apps from outside the Apple App store by “jail breaking” the iPhone. ANDRIOD TROJAN (JIMM ICQ TROJAN CLIENT) is a piece of malware which is distributed by QR codes. A QR code is an image similar to a barcode which is captured by a Smartphone’s camera. It can be used to provide a link to a WebPage in printed publications. To infect their phone the user scans the QR code which directs them to a webpage that downloads a trojanised version of the JIMM ICQ client. This software when installed sends various SMS message to a premium number costing roughly £4 per message. It is possible for the attackers to hijack QR codes found in public places and replace them with their corrupted versions to infect the victim’s phone. ANDRIOD TROJAN (GOOGLE+ IMITATION APP) creators rely on the fact that users will not pay particular attention to the software they are downloading. They have labelled their software Google++ in the hope to hoodwink their victims. Once installed it captures instant messages, call logs, location, GPS information and other sensitive data. WALKINWAT TROJAN is a corrupted version of the Walk and Text app which uses the Smartphones’ camera to display the world to the user while they send SMS messages, allowing them to walk and text at the same time. This Trojan identifies itself as a pirated version of the popular walk and text app available for free download.  Reply www.reply.eu
2 MOBILE MALWARE Once installed the software extracts IMEI information and other sensitive data and uploads it to a central server for retrieval by the attackers. While uploading the information it sends an SMS message to each of the victim’s contacts saying: “Hey, just downloaded a pirated App off the Internet, Walk and Text for Android. Im stupid and cheap, it costed only 1 buck. Don’t steal like I did!” Symantec have claimed that this is first corrupted app discovered which actively scolds the victim for software piracy. IKEE, IPHONE WORM was the first computer worm discovered for the iPhone during 2009. It only affected users who had “jailbroken” their iPhone; this is when the user gains root access to their phone to install custom firmware to allow for applications not available through the Apple App Store. Through this process of jail breaking, the default installation installs a SSH service with a default username and password. This vulnerability was then exploited by iKee to infiltrate the phone and gain access. This attack vector was then witnessed again by Security Company F-Secure in which another piece of Malware compromised banking transactions on corrupted iPhones. THE FUTURE OF MALWARE The future of malware in mobile devices is evolving at an exponential rate. Many researchers are now trying to fully understand the capabilities of malware on a mobile device; as tablet computers become more popular the malware threat will increase. REGISTER KEYSTROKES OF A KEYBOARD THROUGH A PHONE. Patrick Traynor from Georgia Technology University demonstrated at a conference in Chicago that by using an iPhone’s accelerometer they were capable of capturing the keystrokes of a user on a computer to an accuracy of 80%. Patrick outlined that the malware could work by allowing the user to download a seemingly innocent app which will then sense when the phone is placed upon a hard surface near a keyboard. It will then start to listen for keystrokes and send the information to a central server. (2) IOS APP SECURITY FLAW This was a flaw studied by Charlie Miller where he was able to bypass Apple’s security checks and allow an App listed in their App Store to download a payload and run on the phone. The current security procedure in place at Apple is that all apps are verified before they are available on the App Store. However at the time of the vulnerability, they did not have sufficient measures in place to confirm if the app would try to execute a payload. As Charlie Miller shows in his video, the payload vulnerability allows an attacker to gain near full control of the victim’s phone. This includes the ability to download the user’s address book, download any file which currently resides on the phone and send SMS messages. At the time of writing there is no patch for this. (3) ACTIVE RECORDING OF PHONE CONVERSATIONS Researchers at Total Defence Security have discovered a piece of malware for the
3 MOBILE MALWARE Android Platform which will actively record a user’s phone conversation and upload the file to a central server for retrieval. It stores the recording of the telephone conversation in the AMR format and then stores it on the user’s MicroSD card before uploading. (4) WINDOWS 7 PHONE Currently there are no known security vulnerabilities of the Windows 7 phone operating system. The operating system is fairly new to the Smartphone market so the hackers have had a limited amount of time to find the vulnerabilities. The operating system has strong security preventions in place if a piece of malware were to be installed. All applications that are run on the phone must be developed in Microsoft’s Silverlight development platform. Each application cannot access the system files of the phone, so it is “sandboxed” from the rest of the phone. The inherent security of Silverlight is also present in the phone, the customer sensitive data must be accessed through a series of APIs which launch and collect the data required. This provides a level of security as applications cannot have direct access to the data. (5) SECURITY PRACTICES TO MITIGATE MALWARE With the given rise of malware, the rate of Smartphone anti-virus software has also increased. There are two options available to a user who wishes to mitigate the threat of malware. They can choose to implement a local application which will periodically scan their phone for any signs of malicious application behaviour; or they could implement a cloud security based system. The local application approach is already available from various vendors including Kaspersky and F-Secure. These products can be configured to actively scan any file which is downloaded onto the handset providing a level of security to the user. The second approach is the cloud security based systems such as the recent partnership between Allot and AdaptiveMobile (6). This system, which is currently unavailable, will work on the service provider level as a chargeable opt-in feature. From here the service provider can stop the malware from even reaching the user’s handset providing a higher level of protection. CONCLUSION With higher usage of Smartphones, the pool of victims for Malware creators is increasing at an exponential rate. Today’s Smartphone is also fast becoming a honey pot of personal information; with many users now using their phones for bank transactions, calendar appointments as well as storing detailed contact information of their associates.
4 MOBILE MALWARE This makes any of the malware presented in this report of high risk to users and their data. Any of these malicious programs could cause high levels of damage to the users should their data fall into the hands of the wrong people. It is clear that the average Smartphone user should take greater care about the level of information they hold on their phones, which applications they allow to install and the level of permissions it holds upon the phone. Perhaps, some might even consider mitigating some risks through the use of security software. BIBLIOGRAPHY 1. Arthur, Charles. Half of UK Population own a Smartphone. The Guardian. [Online] 31 October 2011. [Cited: 14 11 2011.] http://www.guardian.co.uk/technology/2011/oct/31/half-uk-population-ownssmartphone. 2. PhysOrg. Turning iPhone into spiPhone: Smartphones' accelerometer can track strokes on nearby keyboards. PhysOrg. [Online] 18 Oct 2011. [Cited: 5 December 2011.] http://www.physorg.com/news/2011-10-iphone-spiphone-smartphones-accelerometer-track.html. 3. Greenberg, Andy. iPhone Security Bug Lets Innocent-Looking Apps Go Bad. Forbes. [Online] 7 Nov 2011. [Cited: 5 Dec 2011.] http://www.forbes.com/sites/andygreenberg/2011/11/07/iphone-securitybug-lets-innocent-looking-apps-go-bad/. 4. Venkatesan, Dinesh. A Trojan spying on your conversations. Total Defense Blog. [Online] 1 Aug 2011. [Cited: 5 Dec 2011.] http://www.totaldefense.com/securityblog/2011/08/26/A-Trojan-spying-on-yourconversations.aspx. 5. Shinder, Deb. Windows Phone 7 Security Implications. Windows Security. [Online] 12 Jan 2011. [Cited: 5 Dec 2011.] http://www.windowsecurity.com/articles/Windows-Phone-7-Security-Implications.html. 6. Allot. Allot and AdaptiveMobile Partner to Enable Carriers to Deliver Personalized Cloud Security . Allot Press Releases. [Online] 4 Oct 2011. [Cited: 5 Dec 2011.] http://www.allot.com/index.aspx?id=3797&itemID=70861. Sytel Reply UK is the company of the Reply group that is specialised in the Telecommunication, Media and Entertainment (TM&E) markets in the UK and Ireland. The Sytel Reply mission is to support clients during their technology and business innovation processes by planning, developing and managing solutions for Networking, BSS and OSS and Mobile Applications within TM&E service provider market. Sytel Reply, thanks to its in-depth competence and experience, boasts a team of highly skilled professionals able to manage any end-to-end business and technology transformation programmes. Sytel Reply UK www.replyltd.co.uk

Recommended

Pocket virus threat
Pocket virus threatPocket virus threat
Pocket virus threatAli J
 
Security News bytes October 2013
Security News bytes October 2013Security News bytes October 2013
Security News bytes October 2013n|u - The Open Security Community
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSInnovation Network Technologies: InNet
 
Spy android malware - eScan
Spy android malware - eScanSpy android malware - eScan
Spy android malware - eScanMicroWorld Software Services Pvt Ltd
 
Cscu module 13 securing mobile devices
Cscu module 13 securing mobile devicesCscu module 13 securing mobile devices
Cscu module 13 securing mobile devicesSejahtera Affif
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_reportIsnur Rochmad
 
Null pune 1st March-news bytes
Null pune 1st March-news bytesNull pune 1st March-news bytes
Null pune 1st March-news bytesn|u - The Open Security Community
 

Recommended

Pocket virus threat
Pocket virus threatPocket virus threat
Pocket virus threatAli J
 
Security News bytes October 2013
Security News bytes October 2013Security News bytes October 2013
Security News bytes October 2013n|u - The Open Security Community
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSInnovation Network Technologies: InNet
 
Spy android malware - eScan
Spy android malware - eScanSpy android malware - eScan
Spy android malware - eScanMicroWorld Software Services Pvt Ltd
 
Cscu module 13 securing mobile devices
Cscu module 13 securing mobile devicesCscu module 13 securing mobile devices
Cscu module 13 securing mobile devicesSejahtera Affif
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_reportIsnur Rochmad
 
Null pune 1st March-news bytes
Null pune 1st March-news bytesNull pune 1st March-news bytes
Null pune 1st March-news bytesn|u - The Open Security Community
 
HinDroid
HinDroidHinDroid
HinDroidHinDroid
 
Mobile phone security
Mobile phone securityMobile phone security
Mobile phone securityEr aditya kumar jha
 
Panda labs annual-report-2012
Panda labs annual-report-2012Panda labs annual-report-2012
Panda labs annual-report-2012Комсс Файквэе
 
IRJET - System to Identify and Define Security Threats to the users About The...
IRJET - System to Identify and Define Security Threats to the users About The...IRJET - System to Identify and Define Security Threats to the users About The...
IRJET - System to Identify and Define Security Threats to the users About The...IRJET Journal
 
Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578skowshik
 
Mobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaMobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaGarvit Arya
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?Tyler Shields
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYJASHU JASWANTH
 
20120140504023
2012014050402320120140504023
20120140504023IAEME Publication
 
Top mobile security threats
Top mobile security threatsTop mobile security threats
Top mobile security threatsRingtoIndia
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
cell phone viruses and security
cell phone viruses and securitycell phone viruses and security
cell phone viruses and securityPRIYANKA944
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-historyAnatoliy Tkachev
 
Tips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesTips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesQuick Heal Technologies Ltd.
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hackingdiv2345
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYODTrustwave
 
Cell Phone Viruses & Security
Cell Phone Viruses & SecurityCell Phone Viruses & Security
Cell Phone Viruses & Securityguestc03f28
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device securityCAS
 
Smartphone
SmartphoneSmartphone
SmartphoneNaval OPSEC
 
Tips of Mobile Application Security
Tips of Mobile Application SecurityTips of Mobile Application Security
Tips of Mobile Application SecurityMarie Weaver
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 

More Related Content

What's hot

IRJET - System to Identify and Define Security Threats to the users About The...
IRJET - System to Identify and Define Security Threats to the users About The...IRJET - System to Identify and Define Security Threats to the users About The...
IRJET - System to Identify and Define Security Threats to the users About The...IRJET Journal
 
Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578skowshik
 
Mobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaMobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaGarvit Arya
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?Tyler Shields
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYJASHU JASWANTH
 
Top mobile security threats
Top mobile security threatsTop mobile security threats
Top mobile security threatsRingtoIndia
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
cell phone viruses and security
cell phone viruses and securitycell phone viruses and security
cell phone viruses and securityPRIYANKA944
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hackingdiv2345
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYODTrustwave
 
Cell Phone Viruses & Security
Cell Phone Viruses & SecurityCell Phone Viruses & Security
Cell Phone Viruses & Securityguestc03f28
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device securityCAS
 

What's hot (19)

HinDroid
HinDroidHinDroid
HinDroid
 
Mobile phone security
Mobile phone securityMobile phone security
Mobile phone security
 
Panda labs annual-report-2012
Panda labs annual-report-2012Panda labs annual-report-2012
Panda labs annual-report-2012
 
IRJET - System to Identify and Define Security Threats to the users About The...
IRJET - System to Identify and Define Security Threats to the users About The...IRJET - System to Identify and Define Security Threats to the users About The...
IRJET - System to Identify and Define Security Threats to the users About The...
 
Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578
 
Mobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaMobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit Arya
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITY
 
20120140504023
2012014050402320120140504023
20120140504023
 
Top mobile security threats
Top mobile security threatsTop mobile security threats
Top mobile security threats
 
Mobile security
Mobile securityMobile security
Mobile security
 
cell phone viruses and security
cell phone viruses and securitycell phone viruses and security
cell phone viruses and security
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-history
 
Tips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesTips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android Devices
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hacking
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYOD
 
Cell Phone Viruses & Security
Cell Phone Viruses & SecurityCell Phone Viruses & Security
Cell Phone Viruses & Security
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
 

Similar to 10940 img sytr12_mobile_malware

Tips of Mobile Application Security
Tips of Mobile Application SecurityTips of Mobile Application Security
Tips of Mobile Application SecurityMarie Weaver
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 
Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecuritySubho Halder
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats ReportJuniper Networks
 
Running head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docxRunning head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docxtodd581
 
Running head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docxRunning head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docxglendar3
 
Wirelurker
WirelurkerWirelurker
Wirelurkeranupriti
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?acijjournal
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101Lookout
 
Treads to mobile network
Treads to mobile networkTreads to mobile network
Treads to mobile networkRAVITEJA828
 
Mobile protection
Mobile protection Mobile protection
Mobile protection preetpatel72
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSubho Halder
 
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDIJCNCJournal
 

Similar to 10940 img sytr12_mobile_malware (20)

Smartphone
SmartphoneSmartphone
Smartphone
 
Tips of Mobile Application Security
Tips of Mobile Application SecurityTips of Mobile Application Security
Tips of Mobile Application Security
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
 
Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application Security
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
 
Irjet v7 i3811
Irjet v7 i3811Irjet v7 i3811
Irjet v7 i3811
 
Running head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docxRunning head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docx
 
Running head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docxRunning head mobile application security1mobile application se.docx
Running head mobile application security1mobile application se.docx
 
Wirelurker
WirelurkerWirelurker
Wirelurker
 
Mobile Application Security
Mobile Application Security Mobile Application Security
Mobile Application Security
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
 
Mobile threat report_q3_2013
Mobile threat report_q3_2013Mobile threat report_q3_2013
Mobile threat report_q3_2013
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
 
Treads to mobile network
Treads to mobile networkTreads to mobile network
Treads to mobile network
 
Mobile protection
Mobile protection Mobile protection
Mobile protection
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
 
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
 
OS-Project-Report-Team-8
OS-Project-Report-Team-8OS-Project-Report-Team-8
OS-Project-Report-Team-8
 

Recently uploaded

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 

Recently uploaded (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 

10940 img sytr12_mobile_malware

  • 1. MOBILE MALWARE This report details the current status of Malware for mobile devices, their security risks, the possible future evolution of Mobile Malware and Future Mitigation Options. INTRODUCTION With the penetration of Smartphones now reaching record highs in the UK, at just under 50% owning a Smartphone (1); it comes to no surprise that the risk of malware on mobile devices is also increasing. With the introduction of the iPad and other tablet computers which are built upon the same firmware as Smartphones; malware can be easily written to infect both devices, giving further support for malicious code writers to focus their sights on mobile devices. CURRENT EXAMPLES OF MOBILE MALWARE Below are examples of real threats to user equipment on various platforms which exist today. The vast majority of malware discovered works on the android platform as it is possible to install unchecked 3rd party applications, unlike the Apple IOS platform. However it is still possible to install unregistered apps from outside the Apple App store by “jail breaking” the iPhone. ANDRIOD TROJAN (JIMM ICQ TROJAN CLIENT) is a piece of malware which is distributed by QR codes. A QR code is an image similar to a barcode which is captured by a Smartphone’s camera. It can be used to provide a link to a WebPage in printed publications. To infect their phone the user scans the QR code which directs them to a webpage that downloads a trojanised version of the JIMM ICQ client. This software when installed sends various SMS message to a premium number costing roughly £4 per message. It is possible for the attackers to hijack QR codes found in public places and replace them with their corrupted versions to infect the victim’s phone. ANDRIOD TROJAN (GOOGLE+ IMITATION APP) creators rely on the fact that users will not pay particular attention to the software they are downloading. They have labelled their software Google++ in the hope to hoodwink their victims. Once installed it captures instant messages, call logs, location, GPS information and other sensitive data. WALKINWAT TROJAN is a corrupted version of the Walk and Text app which uses the Smartphones’ camera to display the world to the user while they send SMS messages, allowing them to walk and text at the same time. This Trojan identifies itself as a pirated version of the popular walk and text app available for free download.  Reply www.reply.eu
  • 2. 2 MOBILE MALWARE Once installed the software extracts IMEI information and other sensitive data and uploads it to a central server for retrieval by the attackers. While uploading the information it sends an SMS message to each of the victim’s contacts saying: “Hey, just downloaded a pirated App off the Internet, Walk and Text for Android. Im stupid and cheap, it costed only 1 buck. Don’t steal like I did!” Symantec have claimed that this is first corrupted app discovered which actively scolds the victim for software piracy. IKEE, IPHONE WORM was the first computer worm discovered for the iPhone during 2009. It only affected users who had “jailbroken” their iPhone; this is when the user gains root access to their phone to install custom firmware to allow for applications not available through the Apple App Store. Through this process of jail breaking, the default installation installs a SSH service with a default username and password. This vulnerability was then exploited by iKee to infiltrate the phone and gain access. This attack vector was then witnessed again by Security Company F-Secure in which another piece of Malware compromised banking transactions on corrupted iPhones. THE FUTURE OF MALWARE The future of malware in mobile devices is evolving at an exponential rate. Many researchers are now trying to fully understand the capabilities of malware on a mobile device; as tablet computers become more popular the malware threat will increase. REGISTER KEYSTROKES OF A KEYBOARD THROUGH A PHONE. Patrick Traynor from Georgia Technology University demonstrated at a conference in Chicago that by using an iPhone’s accelerometer they were capable of capturing the keystrokes of a user on a computer to an accuracy of 80%. Patrick outlined that the malware could work by allowing the user to download a seemingly innocent app which will then sense when the phone is placed upon a hard surface near a keyboard. It will then start to listen for keystrokes and send the information to a central server. (2) IOS APP SECURITY FLAW This was a flaw studied by Charlie Miller where he was able to bypass Apple’s security checks and allow an App listed in their App Store to download a payload and run on the phone. The current security procedure in place at Apple is that all apps are verified before they are available on the App Store. However at the time of the vulnerability, they did not have sufficient measures in place to confirm if the app would try to execute a payload. As Charlie Miller shows in his video, the payload vulnerability allows an attacker to gain near full control of the victim’s phone. This includes the ability to download the user’s address book, download any file which currently resides on the phone and send SMS messages. At the time of writing there is no patch for this. (3) ACTIVE RECORDING OF PHONE CONVERSATIONS Researchers at Total Defence Security have discovered a piece of malware for the
  • 3. 3 MOBILE MALWARE Android Platform which will actively record a user’s phone conversation and upload the file to a central server for retrieval. It stores the recording of the telephone conversation in the AMR format and then stores it on the user’s MicroSD card before uploading. (4) WINDOWS 7 PHONE Currently there are no known security vulnerabilities of the Windows 7 phone operating system. The operating system is fairly new to the Smartphone market so the hackers have had a limited amount of time to find the vulnerabilities. The operating system has strong security preventions in place if a piece of malware were to be installed. All applications that are run on the phone must be developed in Microsoft’s Silverlight development platform. Each application cannot access the system files of the phone, so it is “sandboxed” from the rest of the phone. The inherent security of Silverlight is also present in the phone, the customer sensitive data must be accessed through a series of APIs which launch and collect the data required. This provides a level of security as applications cannot have direct access to the data. (5) SECURITY PRACTICES TO MITIGATE MALWARE With the given rise of malware, the rate of Smartphone anti-virus software has also increased. There are two options available to a user who wishes to mitigate the threat of malware. They can choose to implement a local application which will periodically scan their phone for any signs of malicious application behaviour; or they could implement a cloud security based system. The local application approach is already available from various vendors including Kaspersky and F-Secure. These products can be configured to actively scan any file which is downloaded onto the handset providing a level of security to the user. The second approach is the cloud security based systems such as the recent partnership between Allot and AdaptiveMobile (6). This system, which is currently unavailable, will work on the service provider level as a chargeable opt-in feature. From here the service provider can stop the malware from even reaching the user’s handset providing a higher level of protection. CONCLUSION With higher usage of Smartphones, the pool of victims for Malware creators is increasing at an exponential rate. Today’s Smartphone is also fast becoming a honey pot of personal information; with many users now using their phones for bank transactions, calendar appointments as well as storing detailed contact information of their associates.
  • 4. 4 MOBILE MALWARE This makes any of the malware presented in this report of high risk to users and their data. Any of these malicious programs could cause high levels of damage to the users should their data fall into the hands of the wrong people. It is clear that the average Smartphone user should take greater care about the level of information they hold on their phones, which applications they allow to install and the level of permissions it holds upon the phone. Perhaps, some might even consider mitigating some risks through the use of security software. BIBLIOGRAPHY 1. Arthur, Charles. Half of UK Population own a Smartphone. The Guardian. [Online] 31 October 2011. [Cited: 14 11 2011.] http://www.guardian.co.uk/technology/2011/oct/31/half-uk-population-ownssmartphone. 2. PhysOrg. Turning iPhone into spiPhone: Smartphones' accelerometer can track strokes on nearby keyboards. PhysOrg. [Online] 18 Oct 2011. [Cited: 5 December 2011.] http://www.physorg.com/news/2011-10-iphone-spiphone-smartphones-accelerometer-track.html. 3. Greenberg, Andy. iPhone Security Bug Lets Innocent-Looking Apps Go Bad. Forbes. [Online] 7 Nov 2011. [Cited: 5 Dec 2011.] http://www.forbes.com/sites/andygreenberg/2011/11/07/iphone-securitybug-lets-innocent-looking-apps-go-bad/. 4. Venkatesan, Dinesh. A Trojan spying on your conversations. Total Defense Blog. [Online] 1 Aug 2011. [Cited: 5 Dec 2011.] http://www.totaldefense.com/securityblog/2011/08/26/A-Trojan-spying-on-yourconversations.aspx. 5. Shinder, Deb. Windows Phone 7 Security Implications. Windows Security. [Online] 12 Jan 2011. [Cited: 5 Dec 2011.] http://www.windowsecurity.com/articles/Windows-Phone-7-Security-Implications.html. 6. Allot. Allot and AdaptiveMobile Partner to Enable Carriers to Deliver Personalized Cloud Security . Allot Press Releases. [Online] 4 Oct 2011. [Cited: 5 Dec 2011.] http://www.allot.com/index.aspx?id=3797&itemID=70861. Sytel Reply UK is the company of the Reply group that is specialised in the Telecommunication, Media and Entertainment (TM&E) markets in the UK and Ireland. The Sytel Reply mission is to support clients during their technology and business innovation processes by planning, developing and managing solutions for Networking, BSS and OSS and Mobile Applications within TM&E service provider market. Sytel Reply, thanks to its in-depth competence and experience, boasts a team of highly skilled professionals able to manage any end-to-end business and technology transformation programmes. Sytel Reply UK www.replyltd.co.uk